From 0d034cd18e22bdd34c15a3024af83d756219066b Mon Sep 17 00:00:00 2001
From: Matt Moyer <moyerm@vmware.com>
Date: Fri, 14 Aug 2020 10:04:43 -0500
Subject: [PATCH] Pin images to exact hashes (Dependabot can handle this, it
 seems).

Signed-off-by: Matt Moyer <moyerm@vmware.com>
---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index ee71025a..7ecffcb3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
 # Copyright 2020 VMware, Inc.
 # SPDX-License-Identifier: Apache-2.0
 
-FROM golang:1.15.0 as build-env
+FROM golang:1.15.0@sha256:f92b2f06e4dbda381b142d63b009cf5117bb3c487617d4695808fce05a808ebe as build-env
 
 # It is important that these ARG's are defined after the FROM statement
 ARG ACCESS_TOKEN_USR="nothing"
@@ -37,7 +37,7 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(hack/get-ldflags.
 
 
 # Use a runtime image based on Debian slim
-FROM debian:10.5-slim
+FROM debian:10.5-slim@sha256:b2cade793f3558c90d018ed386cd61bf5e4ec06bf8ed6761bed3dd7e2c425ecc
 
 # Copy the binary from the build-env stage
 COPY --from=build-env /work/out/placeholder-name-server /usr/local/bin/placeholder-name-server